Vulnerabilities in nhost
4 resultsCVE-2026-41574CRITICALNhost Vulnerable to Account Takeover via OAuth Email Verification BypassEPSS 0.8%CVE-2026-34200HIGHNhost CLI MCP Server: Missing Inbound Authentication on Explicitly Bound Network PortEPSS 0.4%CVE-2026-34969LOWNhost Leaks the Refresh Token via URL Query Parameter in OAuth Provider CallbackEPSS 0.3%CVE-2026-33221LOWNhost Storage Affected by MIME Type Spoofing via Trusted Client Content-Type Header in Storage UploadEPSS 0.2%